Thanks to xda main page I download this free app and was shocked to find that most apps wanted to know my location my imei and have access to my contacts.
This app is like uac for windows but better. Give it a try on the market
Sent from my Dell Streak
Does this mean most devs have a big brother fetish?
I downloaded LBE this morning. I'm surprised at just how many apps have phone state and identity as one of the permissions. Question is however whether the apps will update properly without this permission.
I have fring requesting contact information and access to sms twice an hour.
Sent from my Dell Streak
Well, from my limited research, read phone state and identity permission is related to one of three things:
1. Android 1.5 compatibility.
2. Registration check.
3. App needs to be shoved into the background when a call comes in.
The Amazon Appstore reads the phone number whenever you open it. This is because the Appstore needs to know what phone to sideload the.app to. It's currently the only app I have that does this. All my other.apps are free since I don't have spare cash to spend on the Market. So far none of those apps have triggered this permission.
You load tweetcaster pro from amazon that asks for stuff alot
Sent from my Dell Streak
Amazing how many stupid apps need to access stuff that they probably don't need to access. Blocked a BUNCH of garbage today...turned on the phone at 7am, and by 5pm, it had blocked 32 requests.
Lol. Had it installed for an hour, nothing happened until XDA Premium app asked for my IMEI...
sent from XDA Premium app on Streakdroid 1.9.1.4
Related
Ok, maybe I'm in the wrong place. But here goes.
My phone is trying to send text to paid numbers behind my back. I'm using prepaid so it doesn't work. I get a "You have insufficient funds to send this text" message daily, at random times.
I have no pirated apps. Everything on my phone came straight from the market. However, I've not installed a single one of the apps that was on the recent list all over tech sites.
I'm planning on reflashing with a different rom and changing all the passwords that were stored on my phone.
BUT.
Before I do this, I want to find out which app is causing this behavior. Any Ideas on how to find out what is sending random text from my phone (they don't show up in the messaging app)
viogrep said:
Ok, maybe I'm in the wrong place. But here goes.
My phone is trying to send text to paid numbers behind my back. I'm using prepaid so it doesn't work. I get a "You have insufficient funds to send this text" message daily, at random times.
I have no pirated apps. Everything on my phone came straight from the market. However, I've not installed a single one of the apps that was on the recent list all over tech sites.
I'm planning on reflashing with a different rom and changing all the passwords that were stored on my phone.
BUT.
Before I do this, I want to find out which app is causing this behavior. Any Ideas on how to find out what is sending random text from my phone (they don't show up in the messaging app)
Click to expand...
Click to collapse
Install a android antivirus and firewall like Lookout.
Sent from my GingerBread Eris using XDA App
lookout finds nothing. All the other AV software fails to install. "Unknown error -18"
i have plenty of free space.
viogrep,
I wrote a novel, but then thought I should just ask a few preliminary questions:
Q1) does the error message contain any useful "hints", such as the destination number ?
Q2) if you use a logcat - capturing app, does anything show up in the logcat right around the time the message is generated which might provide some further clues?
There's a lot of different techniques you can use, but they require a bit of effort - not only to perform, but to explain, too.
Q3) Are you willing to post up the output of the "ps" command to a pastebin?
Q4) What apps on your phone request "SEND_SMS" privileges? You can find out with
Code:
strings /data/system/packages.xml > /sdcard/strings-pkgs-xml.txt
and then poking through the "strings-pkgs-xml.txt" file. When you see (for instance)
name="android.permission.SEND_SMS"
the immediately prior package is what requested it. Either that or you can do something tricky like
Code:
strings /data/system/packages.xml | awk '/<package name/{pkg=$2;}; /_SMS/{print pkg, $2;}'
bftb0
1. No destination number in the error. Sorry.
2. Also, no clues in logcat from what I've seen.
3. PS > http://pastebin.com/iUAfP9Yb
4. Besides the default gapps, the only other app with SEND_SMS priv. is Koxx Pure Messenger. (Purchased from the market, Have had for awhile, the sms sending is new)
Going to try to call my provider and see if I can get the number that's been denied because of funds.
*edit* No luck with provider.
I'd really like to know whats doing it so I don't install the same app once I flash. Luckily I keep nothing important on my phone. Its gmail account is actually a duplicate with my original forwarding to it. I'm a tiny bit overprotective over my email(address). :x
viogrep said:
4. Besides the default gapps, the only other app with SEND_SMS priv. is Koxx Pure Messenger. (Purchased from the market, Have had for awhile, the sms sending is new)
Click to expand...
Click to collapse
I know that it isn't necessarily this simple, but if that really is the only other app besides the GAPPs with SMS priveledges, especially coupled with the knowledge that the SMS capability is new, I think you have your answer.
If you tried a new ROM and restored all but that one app, and the problem never happens again then you can be 95% sure. Only way to be 100% sure is that after a certain length of time without a problem (a week?) you reinstall Koxx and then if the problem starts happening again.
I looked through your "ps" listing.
Didn't see anything too obvious sticking out at me; there were a couple of non-market apps running though. I know that there is no theoretical reason why non-market apps would be malicious - on the other hand, I sort of wonder why they are not on the market... you know what I mean? What is stopping them? (In the case of Tubemate - which was actually kicked off of Google's market, my suspicions are even higher. I realize it was not kicked off because of malware; but still...)
These were the only processes that were either not on my phone, or I didn't really recognize.
Code:
com.dylan.tube = [Non-Market App] Tubemate
com.gau.golauncherex.notification = GO Launcher EX (READ SMS)
com.levelup.beautifulwidgets = Beautiful Widgets (LevelUp)?
com.revsodev.volumecontrol = [Non-Market App] Volume Control (Cyrket?)
com.swype.android.inputmethod = Swype?
com.tencent.research.drop = QQPlayer (no perms req'd?)
net.bajawa.battery = BattStatt (no perms req'd?)
org.sipdroid.sipua = Sipdroid VoIP + video
The Road Warrior has an idea which is sort of useful; but I'll modify it to use binary division.
Start with a freshly installed, clean ROM, and only install half of your apps. (I would put all of your most frequently used apps in the first half, and delay any non-market apps as long as possible). Here's how this goes:
- if the "half" you put on the phone is trouble-free (long enough to know the SMS popup thing is not going on), then, install half of the remaining apps, and wait again to see if there is a problem.
- if the "half" you put on the phone develops trouble, then you know that the problem app is in that group. Wipe the phone and re-install all prior "halves" (that caused no trouble), but split the current half (the group containing the suspect app) in half, and only install that. Proceed in this fashion until you are down to the app which causes the trouble.
If you have 128 apps on your phone, and you wait 1 day between installations, it will take 7 days to find the malicious app. (And if you don't get a failure within the first two days, your phone will have 3/4s of it's apps installed - that's not too bad).
The thing is though, even if you had an app compromise your phone, it might not be an "app" that is doing the dirty work any longer. For example, the most recently discovered malware ran rooting exploits against the device, and once successful, downloaded and installed "other stuff". That "other stuff" could be native binaries. So, examining permissions in the system manifest doesn't necessarily guarantee that you have exhaustively looked at your phone, or discovered all possible means of interacting with the SMS system.
It might be "just an app", though - and if it were me, the first ones that I would suspect are non-Market apps, or apps that *cough* got downloaded from "freeware" sites.
Thanks for the responses. I actually did a fresh flash last night. First thing I installed was tubemate (running through non market apps) and it did it. Ironically I added some money to my account to see if I could get the number it was trying to text. Apparently it still couldn't go through.
Sent from my FroShedYo V10-ERIS using XDA App
I had a game from a Chinese developer that stole my gmail. Log into yours from the website and see if you get a red warning.
Sent from my GSBv1.9 ERIS using XDA App
viogrep said:
Thanks for the responses. I actually did a fresh flash last night. First thing I installed was tubemate (running through non market apps) and it did it. Ironically I added some money to my account to see if I could get the number it was trying to text. Apparently it still couldn't go through.
Sent from my FroShedYo V10-ERIS using XDA App
Click to expand...
Click to collapse
I'm always amazed when something I suggested actually works. LOL. It's just that I'm used to things being more complicated than I hope.
Glad you figured out the trouble!
Thanks bt and RW for the help.
As far as the gmail thing... I use a different gmail address on my phone with email forwarded (different pass)...
If it gets taken I just stop the forwarding and make a new one. Makes things a more simple. Sure, they can see past emails, but they cant request passes/info from other sites... (I also monitor the login IPs in gmail, religiously. Just a habbit.)
viogrep said:
Thanks bt and RW for the help.
As far as the gmail thing... I use a different gmail address on my phone with email forwarded (different pass)...
If it gets taken I just stop the forwarding and make a new one. Makes things a more simple. Sure, they can see past emails, but they cant request passes/info from other sites... (I also monitor the login IPs in gmail, religiously. Just a habbit.)
Click to expand...
Click to collapse
You're welcome. You could just change your password from the web if your phone gets stolen.
Especially since it's the gmail address you use on your phone that everything is sync'd to, not the one that's forwarding to it. So if you got another Android phone you'd lose all your contact info and bought and installed apps info, calendar and such. Unless you sync them manually which is so much harder in my experience.
Or you could use one of the many free apps out there that would let you remotely do many things to your phone. Turn the GPS on, triangulate your phone, make your phone scream, do a factory reset to erase everything...
Just a suggestion.
I have noticed these chinese apps some how self installing on my S2.
Any idea how to get to the source of these unauthorized installs? (Lookout & AVG & NetQin don't detect them as malicious or find any reason for how they are getting on there).
Currently using KH3 + CFRoot.
Why do people give so little information when they post?
What Chinese apps? (Please provide a screen shot if the app name is in Chinese) .
This sounds really really bad.
Has this happened to any one else?
It should not be possible for this to happen.
Does your phone have any connection with China or have you installed any Chinese software?
If this is happening then you must have done something yourself to start the process. Nothing can install itself without your consent, unless there's malicious software that's bypassing the system and installing for you, but you would have had to install that first.
So, as above, a lot more information is needed. Personally, I'd just do a complete wipe and hard reset and never install anything from untrusted sources again, including warez, 3rd party app stores and the Chinese Market, which is known to have had dodgy software before now.
My friend got an S2 from China and it was preloaded with all those Chinese apps. Examples include QQ Security Suite and some other apps. I used Titanium Backup to uninstall but after each restart, the app re-appears!
I was surprised that Titanium couldn't uninstall. It says it uninstalled successfully but it just re-appears. The only thing I could do is to do a re-flash to a Hong Kong firmware without all those pre-loaded Chinese apps.
But before you wipe everything, please help us try and find out how it happened?
Again has this happened to any one else? Because I want to know if this could happen to my phone!
Mine also did this on stock rom i would uninstall samsung apps reboot and it would reappear on my menu. Is it possible the rom comes with an auto install script for the preloaded apps?
Sent from my GT-I9100 using XDA App
otester said:
I have noticed these chinese apps some how self installing on my S2.
Any idea how to get to the source of these unauthorized installs? (Lookout & AVG & NetQin don't detect them as malicious or find any reason for how they are getting on there).
Currently using KH3 + CFRoot.
Click to expand...
Click to collapse
If you have CF-Root, you have super user installed. Review your permissions. You can also install LBE privacy guard and set permissions for all apps as well, including many system apps (you'll need to 'untrust' them first).
Sent from my GT-I9100 using XDA App
Sorry for the little information guys, was 5am and very tired
I deleted the second incarnation of the app as soon as I saw it (worried about personal details being taken etc.) however it if it reappears again then I will screenshot it.
Virus scanners don't detect them as malicious, when the program opened (after stealth install) I went through it, albeit in Chinese it looked like a legit program and the menu worked etc.
I have market 3.1.3 installed (got the apk off the internet) and a few apps that got removed from the market place (torrent clients and certain games I couldn't find etc.) so it could well have been put in them.
I'm thinking about a hard reset, not using titan backup to avoid it coming back and a re-flash.
Also my phone has no connection with China (purchased in the UK), this has only happened recently.
Is there any more info needed before reset etc.?
Looks like the suspect apps removed from the market may have been the cause.
Does anybody know if running as root alows all download apps to run with root permissions?
LouisJB said:
Looks like the suspect apps removed from the market may have been the cause.
Does anybody know if running as root alows all download apps to run with root permissions?
Click to expand...
Click to collapse
Issue is the damage seems to have been done, looks like I have no choice but to reflash etc. Need a virus scanner that has root so it can do a deeper scan.
Superuser is a lot like UAC on Windows Vista/7, it will popup and ask you to allow/deny.
Also is there any way to wipe the device while re flashing to ensure this gets removed?
I found a folder on my Internal Storage "QinqiQuan" (Google Image search pinpoints this as one of the apps) which translates in Chinese to English as "Infringement", however the app itself appears to be a legitimate Chinese social app so I'm not sure of my original concern regarding "Infringement" being copyright related etc.
Another few suspicious folders were "the9GameCenter" & "waze".
In future I'll be sticking the Market and official sites, even if that means doing without certain apps that aren't available on my handset/region
Isnt waze a community based sat nav app?
poults said:
Isnt waze a community based sat nav app?
Click to expand...
Click to collapse
The apps themselves appear legitimate, but I didn't authorize the installs which is what worries me.
I wiped internal storage, wiped data and then re-flashed + CFRooted.
Hopefully what ever it was, won't come back
And how about the security in your computer? As we know, you can install an app in your phone via your market account using your computer. Perhaps someone is playing around with your market account. If this is the case, changing your password would be a good idea.
Sent from my GT-I9100 using XDA App
angelomaldito said:
And how about the security in your computer? As we know, you can install an app in your phone via your market account using your computer. Perhaps someone is playing around with your market account. If this is the case, changing your password would be a good idea.
Sent from my GT-I9100 using XDA App
Click to expand...
Click to collapse
Yeah I have changed my password and turned on all the Google security settings, albeit a bit of pain, does give peace of mind
Sent from my GT-I9100 using xda premium
I'm searching for two diffirent kinds of localization apps.
First i need an app which is installed on Android phone and can track positions of non-android phones i.e. by phone number.
And the second one app that i can install on my phone and in case of stealing my phone i will be able to find it by gps i.e. by using some kind internet or PC app or another android program.
Is there any apps like that? If they were free that's will be amazing.
Second question:
Try:
- webkey
- AntiVirus
Accidentally sent from my Google Nexus S using XDA Premium
That's not what i'm looking for. Any other ideas?
Is there anyway to figure out where they are coming from? I tried removing the last couple of apps I downloaded but I still get one occasionally. Thanks in advance
Sent from my SGH-T959 using XDA App
Can you post a screen shot? I am interested to see what they look like and maybe get some more clues.
What ROM are you running? Come from? Odd apps with stranger permissions? Have you tried LBE Privacy Guard to see what is sending/receiving?
Those damn push notification ads. You could try using Addons Detector:
https://market.android.com/details?id=com.denper.addonsdetector
Wood, I am running D9 but I can't post a screenshot at the moment because I recently cleared out my notifications and it went away. It only seems to pop up once a day.
Sent from my SGH-T959 using XDA App
That app the jr67 posted the link to seems really promising. I think you should check that out. I have D9 as my "home" ROM and I haven't seen these yet. But I am hyper-maintenance oriented though, so that might be why. Also might want to look into Adfree on the market too.
Yeah I downloaded both apps mentioned and I am now monitoring. I do have adfree however it says my host file is up to date. I will post a screeny if it pops back up.
Sent from my SGH-T959 using XDA App
Hey, woodrube, if you're really curious about what those notification ads look like try installing a call filter app called Easy Filter. It was actually a pretty good call filter but it wasn't worth putting up with all those ads.
AdAway is a good alternative to Adfree. They work the same way but Adaway also let's you blacklist/whitelist specific sites yourself. You can try digging through the logcat to find the site that's delivering the ad then blacklist it.
Autostarts = win
once you figure which app is the culprit (and presuming its an app that you want to keep), purchase an app called "autostarts". it is well worth the $1 or whatever it is. the app is pretty self explanatory, it prevents apps from opening by themselves under certain conditions. open the app, let it populate scenarios, and just go through each category and if you see the culprit listed - DISABLE THAT *****.
once you do this, you will now be able to kill/force stop the app whenever youre done using it, and you will never see/hear from it again until you open it yourself.
i use this method for Blood & Glory, and no ads for me ever.
DISCLAIMER: Autostarts is a VERY powerful app and you are definitely going to want to explore it, but dont fool around with system apps unless you are 100% sure you know what you are doing. this goes the same for any other app that is important to your personal desired functionality of your phone (third party texting apps, facebook app, twitter, camera, etc.)
what i personally did was downloaded a conventional task manager to find out which apps like to plot behind my back. i made a list of the ones that never have any business being open unless i open them, then went into autostarts and disabled them under the rescpective scenarios. this program is fantastic for saving battery and RAM
Yeah thanks a lot. I think I got rid of it but not sure which app was causing it because I uninstalled a few at once. I will keep that app in mind if I ever run into this problem again.
Sent from my SGH-T959 using XDA App
Here is the problem;
I have a mobile banking app on my phone. The app is in the store and can be downloaded, but it has to be activated in order to be able to use it. So every time time I change the phone (and I do that once or twice a year), I have to go to the bank to get the code. I understand that this is a security measure. However, I'm so sick of this, that I'd like to try solving it.
Now, I'd like to be able to transfer that app to another phone without going to the bank/getting the new code. Is there a way to do this?
Maybe with Titanium Backup!
No. I tried that some time ago. If I recall correctly, it just creates APK file from installed app, and this file can transfered to another device. There it installs like any other new APK. And in this case, it will ask me for an activation code. At least that's how it was last year when I tried to transfer the same app to my HD2.
So restoring data as well from TB does not work?
I'm thinking if there is any "loose" folder post activation on the sd card that isn't caught by titanium.
Sent from my GT-N7000 using Xparent ICS Tapatalk 2
I just tried. This time I used app+data. And I got behind the activation code point, but I'm stuck on PIN nr. First 2 times it said wrong pin, although I entered the same PIN I'm entering on my old phone. 3rd time it started to show various errors.
I guess it got locked somehow. It does happen if you enter the wrong PIN 3 times.
The interesting thing is that the app is still working on my old phone.
I guess they protected it well.
Just a noob here but maybe transfer the apk and the data file with Bluetooth file transfer I've used it for apks and zip files. hope this helps
Edit : and fix permissions ?
Sent from my SCH-I535 using xda app-developers app
I doubt there would be any difference in sending the files via bluetooth.
In the play store sign-in to the same email that you used. You can find all your apps synchronized and you can re-download and install on the new device.
Not true.
Not every app.
Sent from my GT-I9100 using Tapatalk 2
I don't think it would be possible because it looks that app code is linked with hardware. Whener you are going to change hardware you will need new code.
That's a good security measure, you should be grateful to your bank.
Sent from my LG-P500 using xda
Your app download history is saved to your Gmail account, so when you sync that to your new phone, all the apps will be there.
OR
Store
APK Extractor
Short press
Share
options email/bluetooth